File: /home/govancoz/mail/.spam/new/1742364830.M55523P3673014.zacp120.webway.host,S=6713,W=6849
Return-Path: <hanflxxghmnd@gmail.com>
Delivered-To: govancoz+spam@zacp120.webway.host
Received: from zacp120.webway.host
by zacp120.webway.host with LMTP
id 2CgLA55g2me2CzgA8rC0kQ
(envelope-from <hanflxxghmnd@gmail.com>)
for <govancoz+spam@zacp120.webway.host>; Wed, 19 Mar 2025 08:13:50 +0200
Return-path: <hanflxxghmnd@gmail.com>
Envelope-to: danielle@govan.co.za
Delivery-date: Wed, 19 Mar 2025 08:13:50 +0200
Received: from [89.34.18.182] (port=33586 helo=mail.hzam.net)
by zacp120.webway.host with esmtp (Exim 4.98.1)
(envelope-from <hanflxxghmnd@gmail.com>)
id 1tumgW-0000000FQ1A-2NvV
for danielle@govan.co.za;
Wed, 19 Mar 2025 08:13:49 +0200
Received: from User (unknown [195.211.191.234])
by mail.hzam.net (Postfix) with SMTP id 21BCA964B9;
Wed, 19 Mar 2025 04:24:34 +0000 (UTC)
Reply-To: <portovalidinvest@onionmail.com>
From: "DMGLD"<hanflxxghmnd@gmail.com>
Date: Tue, 18 Mar 2025 21:24:35 -0700
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Spam-Status: Yes, score=30.2
X-Spam-Score: 302
X-Spam-Bar: ++++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "zacp120.webway.host",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Dear Sir/Madam Good day! I have a investment portfolio of
(HIGH VALUE US$150M) One Hundred and Fifty Million United States Dollars
to discuss with you. Feel free to share your ideas and experience in Return
on Inves [...]
Content analysis details: (30.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[89.34.18.182 listed in bl.score.senderscore.com]
0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[89.34.18.182 listed in sa-trusted.bondedsender.org]
0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[89.34.18.182 listed in sa-accredit.habeas.com]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[89.34.18.182 listed in psbl.surriel.com]
0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is
CUSTOM_MED
1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
Alignment
0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message and
the domain has no DMARC policy
1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'
1.8 MILLION_USD BODY: Talks about millions of dollars
0.0 NSL_RCVD_FROM_USER Received from User
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.0 HK_RANDOM_ENVFROM Envelope sender username looks random
1.0 HK_RANDOM_FROM From username looks random
0.5 SUBJ_ALL_CAPS Subject is all capitals
1.2 MISSING_HEADERS Missing To: header
1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[hanflxxghmnd(at)gmail.com]
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
1.9 REPLYTO_WITHOUT_TO_CC No description available.
2.1 MALFORMED_FREEMAIL Bad headers on message from free email service
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
0.0 FROM_MISSP_USER From misspaced, from "User"
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
1.8 FROM_MISSP_REPLYTO From misspaced, has Reply-To
0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list
0.0 TO_NO_BRKTS_MSFT To: lacks brackets and supposed Microsoft tool
0.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only
2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 MONEY_FROM_MISSP Lots of money and misspaced From
0.0 SPOOFED_FREEMAIL No description available.
0.4 SPOOF_GMAIL_MID From Gmail but it doesn't seem to be...
3.5 FROM_MISSP_FREEMAIL From misspaced + freemail provider
2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Flag: YES
Subject: ***SPAM*** TO-INVEST: 89.34.18.182M
<HTML><HEAD><TITLE></TITLE>
</HEAD>
<BODY bgcolor=#FFFFFF leftmargin=5 topmargin=5 rightmargin=5 bottommargin=5>
<FONT size=2 color=#000000 face="Arial">
<DIV>
Dear Sir/Madam</DIV>
<DIV>
</DIV>
<DIV>
</DIV>
<DIV>
Good day! I have a investment portfolio of (HIGH VALUE US$150M) One Hundred and Fifty Million United States Dollars to discuss with you. Feel free to share your ideas and experience in Return on Investments (ROI) from your country economy status presently. I would like to invest this fund with your company if you have the ability to direct and manage this funds very well.</DIV>
<DIV>
</DIV>
<DIV>
</DIV>
<DIV>
Await your positive response </DIV>
<DIV>
</DIV>
<DIV>
</DIV>
<DIV>
Regards</DIV>
<DIV>
</DIV>
<DIV>
DR. Edgar PORTO</DIV>
</FONT>
</BODY></HTML>